This issue ended up being resolved. Despite their passwords previously working, resetting it for each user from India needing access resolved the issue.
India users unable to access Azure VM based in East US
Users based in India, even when remoted into a US machine, are unable to log into the East region Azure VM using their 365 credentials. No error is given, it just keeps prompting for their password. After three times, it disconnects. No US users face this issue when accessing the VM from the same US machine.
Azure Virtual Machines
Vinodh247 33,696 Reputation points MVP Moderator
2025-04-18T16:32:42.2166667+00:00
Hi,
Thanks for reaching out to Microsoft Q&A.
This issue appears to be related to Conditional Access Policies, geolocation restrictions, or authentication context within AAD / Entra ID. Here are the most likely root causes and steps to troubleshoot:
- Conditional Access Policy Blocking Indian IPs
Even if users are remoted into a US machine, their sign-in telemetry (for AAD auth) may still show as originating from India due to:
- AAD using original IP address of the initiating user.
- VPNs or remote tools that tunnel credentials from source.
Action:
Go to Azure AD > Sign-in logs.
Filter by the affected user.
Check “Conditional Access” status and any policy failures.
Review the “Location” and “Client App” used.
- MFA / Security Defaults Enforcement
If Indian users are required to perform MFA (due to location, risk-based policy, etc.) and MFA fails or times out, it may appear as a silent failure.
Action:
Ensure that MFA is working for these users.
Check the MFA status and enforce re-registration if needed.
- AAD Join / Hybrid Join Issues
If the VM is AAD joined or Hybrid joined, the login attempt uses Workplace Join mechanisms. These can fail silently when:
Timezone or regional settings are mismatched.
The user’s device is not properly registered or compliant.
Intune/MDM policies restrict sign-in based on compliance status.
Action:
Verify the VM's join status by running the following from the VM:
dsregcmd /status
Check if device-based access restrictions exist in Conditional Access.
- Credential Caching / Local Profile Problems
If the user has never logged into the VM before, they need to authenticate with Azure AD. This process may not work correctly if there is no line of sight to Azure AD or if the login context is restricted.
Action:
Have a US-based user create the profile first.
Then try remote sign-in from India through the US VM.
- Network or Geo-IP Issues
If Microsoft’s authentication services are resolving the user’s location as India, certain policies might block the attempt even if the access is through a US machine.
Action:
Use whatismyipaddress.com or iplocation.net from the US machine after the India user connects. Confirm the origin IP of the auth request.
Review Named locations in Conditional Access.
Short-Term Fixes
- Temporarily disable Conditional Access policies or relax location-based restrictions.
- Exclude the affected users from specific policies.
- Enable report-only mode for CA policies to gather telemetry without blocking.
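The sign-in log review described in the answer above can be done over an exported log instead of clicking through entries one by one. The following is an added example, not part of the original answer or any Microsoft tooling: it assumes the records follow the Microsoft Graph signIn shape, and the users, IP addresses and policy names are constructed sample data.

```python
from collections import defaultdict

# Constructed sample (not real tenant data), shaped like the Microsoft Graph
# signIn records behind the Entra ID sign-in logs.
SAMPLE_SIGNINS = [
    {"userPrincipalName": "asha@contoso.example", "ipAddress": "203.0.113.10",
     "clientAppUsed": "Mobile Apps and Desktop clients",
     "location": {"countryOrRegion": "IN"}, "conditionalAccessStatus": "failure",
     "appliedConditionalAccessPolicies": [
         {"displayName": "Block non-US locations", "result": "failure"},
         {"displayName": "Require MFA", "result": "notApplied"}]},
    {"userPrincipalName": "ravi@contoso.example", "ipAddress": "203.0.113.77",
     "clientAppUsed": "Browser",
     "location": {"countryOrRegion": "IN"}, "conditionalAccessStatus": "success",
     "appliedConditionalAccessPolicies": [
         {"displayName": "Require compliant device", "result": "reportOnlyFailure"}]},
    {"userPrincipalName": "dana@contoso.example", "ipAddress": "198.51.100.5",
     "clientAppUsed": "Mobile Apps and Desktop clients",
     "location": {"countryOrRegion": "US"}, "conditionalAccessStatus": "success",
     "appliedConditionalAccessPolicies": [
         {"displayName": "Block non-US locations", "result": "success"}]},
    {"userPrincipalName": "asha@contoso.example", "ipAddress": "203.0.113.10",
     "location": None, "conditionalAccessStatus": "notApplied"},
]

def triage(signins):
    """Per (user, country): sign-in count, source IPs, client apps, policies that
    blocked, and report-only policies that would block if enforced."""
    report = defaultdict(lambda: {"total": 0, "ips": set(), "apps": set(),
                                  "blocked_by": set(), "would_block": set()})
    for rec in signins:
        # Location can be missing on some records; bucket those separately.
        country = (rec.get("location") or {}).get("countryOrRegion") or "unknown"
        row = report[(rec.get("userPrincipalName", "unknown"), country)]
        row["total"] += 1
        row["ips"].add(rec.get("ipAddress"))
        row["apps"].add(rec.get("clientAppUsed"))
        for pol in rec.get("appliedConditionalAccessPolicies") or []:
            if pol.get("result") == "failure":
                row["blocked_by"].add(pol.get("displayName"))
            elif pol.get("result") == "reportOnlyFailure":
                row["would_block"].add(pol.get("displayName"))
    return dict(report)

if __name__ == "__main__":
    for (user, country), row in sorted(triage(SAMPLE_SIGNINS).items()):
        print(user, country, row["total"], sorted(row["blocked_by"]),
              sorted(row["would_block"]))
```

The would_block column corresponds to the report-only mode mentioned under Short-Term Fixes: it lists policies that are gathering telemetry without blocking.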